Finding and fixing vulnerabilities in information systems the vulnerability assessment & mitigation methodology
Understanding an organization's reliance on information systems and how to mitigate the vulnerabilities of these systems can be an intimidating challenge--especially when considering less well-known weaknesses or even unknown vulnerabilities that have not yet been exploited. The authors, unders...
| Main Author: | |
|---|---|
| Format: | eBook |
| Language: | English |
| Published: |
Santa Monica, CA
Rand
2003, 2003
|
| Series: | Rand note
|
| Subjects: | |
| Online Access: | |
| Collection: | JSTOR Open Access Books - Collection details see MPG.ReNa |
Table of Contents:
- Introduction
- Concepts and definitions
- VAM methodology and other DoD practices in risk assessment
- Vulnerability attributes of system objects
- Direct and indirect security techniques
- Generating security options for vulnerabilities
- Automating and executing the methodology: a spreadsheet tool
- Next steps and discussion
- Summary and conclusions
- Appendix: Vulnerability to mitigation map values
- Includes bibliographical references